tags: patch severity: important (The original posting contained the "severity: important" header with a little misspelling, so I am repeating it.)
A german discussion concerning this bug can be read here (http://tinyurl.com/442evz). The link is pointing to google groups. That discussion lead to ideas, which I implemented by the following patches: (Note: You can find the patches on http://www.markus-steinborn.de/acl/index.enu.htm , on this page you'll find a discription of this bug, too. Everything important is in this bug report.) To the user, the changes look as follows: [EMAIL PROTECTED]:/privat/msteinbo/tmp>touch test.sh; chmod 4725 test.sh [EMAIL PROTECTED]:/privat/msteinbo/tmp>ls -l total 0 -rws-w-r-x 1 msteinbo infoabc 0 2008-02-15 12:48 test.sh [EMAIL PROTECTED]:/privat/msteinbo/tmp>getfacl test.sh | tee test.acls # file: test.sh # owner: msteinbo # group: infoabc # mode: 04725 user::rwx group::-w- other::r-x [Notice the new comment line with the octal mode of the file. Using a new comment line should ensure maximum compatibility to existing software.] [EMAIL PROTECTED]:/privat/msteinbo/tmp>chmod 0000 test.sh ; ls -l test.sh ---------- 1 msteinbo infoabc 0 2008-02-15 12:48 test.sh [EMAIL PROTECTED]:/privat/msteinbo/tmp>setfacl --restore test.acls ; ls -l test.sh -rws-w-r-x 1 msteinbo infoabc 0 2008-02-15 12:48 test.sh [The Mode-Comment triggers a "chmod(2)", which is executed last and therefore it's effects are not overwritten. Furthermore, the patch introduces the following new options: getfacl: --with-mode include mode in output --without-mode do not include mode in output - also available via environment variable ACL_OUTPUT_WO_MODE setfacl: --keep-smodes for --restore: keep suid/sgid/sticky-bits --no-keep-smodes for --restore: do not keep suid/sgid/sticky-bits The option "--keep-smodes" enables the user to restore backups that are created as described above on an unpatched system without any errors. Please forward this bug upstream because any GNU Linux distribution is affected. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
